Analyzing a Malicious APK

After hitting roadblocks on a couple of other projects I’m working on, like analyzing firmware from a suspiciously cheap IP camera and analyzing the CAN network in my car, I decided to go back to malware analysis but look at mobile applications instead. So I searched Any.run for APKs and grabbed the first one. Name: VPX.apk […]

Anubis Stealer

I was looking for a .NET malware to mess around with dnSpy a bit, so I checked out https://bazaar.abuse.ch. Sure enough, I found one right at the top that was labeled as AgentTesla and Anubis. Note: this is not the Android malware making its rounds currently that shares the same name. Sample info MD5: a9045a197fe0d39fe9d96f3937788f91 […]

Trojan.XMRig Analysis

Example.exe
MD5 – 60d7e7d1522a81917dde26bb9b5f4260
SHA256 – 9017dc9b43b1e8442dd4d423bec02820fde2a0efef05dc81926762e0ff8f263c

I took a quick look at Malshare today and saw this interesting file named example.exe and I decided to analyze it. Let’s start with some static analysis. On Malshare, it was reported to have a UPX Packer YARA hit. I took a look at it in […]